CVE-2020-15484

EUVD-2020-7477
An issue was discovered on Nescomed Multipara Monitor M1000 devices. The internal storage of the underlying Linux system stores data in cleartext, without integrity protection against tampering.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 32%
Affected Products (NVD)
VendorProductVersion
niscomedm1000_multipara_patient_monitor_firmware
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://payatu.com/advisory/lack-of-medical-data-encryption-in-niscomed-patient-monitor
https://www.niscomed.com/multipara-monitor.html
https://payatu.com/advisory/lack-of-medical-data-encryption-in-niscomed-patient-monitor
https://www.niscomed.com/multipara-monitor.html